﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Security.Cryptography;
using System.Text;
using MySql.Data.MySqlClient;
using System.Security.Principal;
using System.Web.Security;

public partial class Account_Login : System.Web.UI.Page
{
    DBAcess db = new DBAcess();
    protected void Page_Load(object sender, EventArgs e)
    {
        Page.Title = "Employee Login | Nexus-Z Auto Rental";
    }
    protected void Button1_Click(object sender, EventArgs e)
    {
        MySqlCommand cmd = new MySqlCommand("select employee_id from employees where employee_id=(@employeeID) and password=(@password)", db.returnCon());
        cmd.Parameters.AddWithValue("@employeeID", TextBox1.Text);
        cmd.Parameters.AddWithValue("@password", getMd5Hash(TextBox2.Text));
        db.open();
        if (cmd.ExecuteReader().HasRows)
        {
            Session["employeeID"] = TextBox1.Text;
            Session["role"] = "Employee";
            
            Response.Redirect("~/Employee/Welcome.aspx");
        }
        else
        {
            Label4.Visible = true;
        }
        db.close();

    }
    static string getMd5Hash(string input)
    {
        MD5 md5Hasher = MD5.Create();

        byte[] data = md5Hasher.ComputeHash(Encoding.Default.GetBytes(input));

        StringBuilder sBuilder = new StringBuilder();
        for (int i = 0; i < data.Length; i++)
        {
            sBuilder.Append(data[i].ToString("x2"));
        }
        return sBuilder.ToString();
    }

    protected void Button2_Click(object sender, EventArgs e)
    {
    }
}